Active Directory Domain Controller server is primarily a Microsoft authentication and authorization system that runs Active Directory Domain Services server role. Active Directory server is also known as simply AD or AD DS or DC (Domain Controller). Active Directory stores AD objects like, user accounts, groups, computers, organizational units, etc. This article shows steps to install Active Directory Domain Controller in Windows Server 2019. You can install multiple Domain Controller in multiple location with replication for high availability and scalability.
Install Active Directory Domain Controller in Windows Server 2019
There are few things that needs to be planned before installing domain controller in your network for the first time. They are,
- Plan for domain name to be used. Here I will use mustbegeek.com.
- Configure static IP address on the server. Here, I have already configured static IP to 126.96.36.199/24.
- Change computer name. Here, I have changed the server name to MBG-DC01.
You can install AD DS role using Server Manager or Windows PowerShell. Here, I will use Server Manager.
Open Server Manager. Click Manage from the top-right and click Add Roles and Features option.
Click Next on Before You Begin page.
Under Installation Type, choose Role-based installation option and click Next.
Under server selection option, choose MBG-DC01 and click Next. Since this is first Domain Controller server in the network it will only show itself. One you setup multiple server and join those servers to domain, you will see them in this list.
Under Server Roles, select Active Directory Domain Services role. This server role requires various other server features shown above so review those features and click Add Features button. Then click Next.
Under Features page, required features are already checked so click Next.
Under AD DS page, it shows introduction about AD DS server, read through it and click Next.
Click Install button to start installation of AD DS server role.
Once the installation is complete, you are presented with option to promote this server to a domain controller. Click this option.
Under Deployment Configuration, choose Add a new forest option as this is the first domain controller in the network. And under root domain name, type your domain name. Here I have used mustbegeek.com as Active Directory domain name.
Under Domain Controller Options, you can choose forest and domain functional level based on your need. If you are installing first domain controller then you can choose Windows Server 2016 forest and domain functional level. But if you have existing Server 2008 or older version of domain controller in your network then you have to choose older version of forest and domain functional level. As you can see DNS server role is checked by default, this is because DNS can also be part of Domain Controller and DNS records are stored in Active Directory database. Then, you can specify DSRM password which is used for Active Directory restore activities. Then click Next.
Under DNS Options, click Next.
Under Additional Options, review the NetBIOS name and click Next.
Under Paths, you can change the default storage location of database, log files and sysvol folder. Here, I will leave default and click Next.
Under review options, you can review the settings and click Next. If there is any things that needs to be changed you can click Previous and make the change.
Under prerequisites check, click Install.
The server will restart automatically. It will take about 5-10 minutes for the server to install and start.
Once the server starts, this is what logon screen looks like. You will see NetBIOS name\Administrator. Enter the password and login to the server.
After you login, you can open the Server Manager and click Tools, you will now see all Active Directory tools and management snap-ins.
You can open explorer and go to C:\Windows\NTDS and you can see nrds.dit database file, temp.edb temp database file, edb.chk checkpoint file, edbres transaction files. Now that Domain Controller is installed properly, you can create user accounts, join computers to domain, create group policies, etc.